If you're running a MS SQL database you should perform the following immediately:
(1) block traffic to port 1433 tcp at your perimeter.
(2) ensure all Microsoft SQL servers are patched and a password is setup for the SA account.
(3) enable syskey
(4) block all email to ixltd@postone.com
More information can be found here:
Incidents.org
(1) block traffic to port 1433 tcp at your perimeter.
(2) ensure all Microsoft SQL servers are patched and a password is setup for the SA account.
(3) enable syskey
(4) block all email to ixltd@postone.com
More information can be found here:
Incidents.org
